Tag: spectre

Bruce Dawson once worked for Microsoft where he found a bug in the Xbox 360 that he was reminded of by the Spectre and Meltdown exploits:

A game developer who was using this function reported weird crashes – heap corruption crashes, but the heap structures in the memory dumps looked normal. After staring at the crash dumps for awhile I realized what a mistake I had made.

There are two big computer vulnerabilities that were announced recently, Spectre and Meltdown attacks. These are significant because they affect almost every desktop, laptop, smartphone, tablet, and game console. Almost anything with a processor can be exploited to give attackers passwords and whatever other private information is on a device.

The attacks work because of the way that computer processors attempt to speculatively work ahead of their current point in executing a computer program. My understanding is that even code executed in your web browser could execute these attacks.

The workarounds that operating systems are implementing may slow these devices down because the attacks utilize performance features of the processors, but the performance effects of the mitigation might not be noticeable outside of specific workloads.

These aren’t normal software vulnerabilities, where a patch fixes the problem and everyone can move on. These vulnerabilities are in the fundamentals of how the microprocessor operates.

It shouldn’t be surprising that microprocessor designers have been building insecure hardware for 20 years. What’s surprising is that it took 20 years to discover it. In their rush to make computers faster, they weren’t thinking about security. They didn’t have the expertise to find these vulnerabilities. And those who did were too busy finding normal software vulnerabilities to examine microprocessors. Security researchers are starting to look more closely at these systems, so expect to hear about more vulnerabilities along these lines.